<?php
	require_once("functions.php");
	$con = connectToDB();
	
	if(!isset($_POST["username"])){
		header("location:signup.php");
		die();
	}
	
	//for captcha
	session_start();
	require_once 'securimage/securimage.php';
	$securimage = new Securimage();
	if ($securimage->check($_POST['captcha_code']) == false) {
		header("location:signup.php?message=". urlencode("Failed Captcha validation."));
		mysql_close($con);
		die();
	}
	
	$uname = mysql_real_escape_string($_POST["username"]);
	$pword = md5($_POST["password"]);
	$first = mysql_real_escape_string($_POST["first"]);
	$last = mysql_real_escape_string($_POST["last"]);
	$bdate = $_POST["birthdate"];
	$occ = (isset($_POST["occupation"])) ? mysql_real_escape_string($_POST["occupation"]) : NULL;
	$org = (isset($_POST["organization"])) ? mysql_real_escape_string($_POST["organization"]) : NULL;
	
	$sql = "INSERT INTO user (username,password,first,last,birthdate,occupation,organization) values ('$uname','$pword','$first','$last','$bdate','$occ','$org')";
	
	if (!mysql_query($sql, $con)) {
		header("location:signup.php?message=". urlencode(mysql_error()));
		mysql_close($con);
		die();
	}else{
		mysql_close($con);
		$_SESSION['username'] = $uname;
		$_SESSION['password'] = $pword;
		header("location:workspace.php");
	}
?>